Iptables for desktop

Kernels & Hardware, configuring network, installing services

Iptables for desktop

Postby cds60601 » 2018-05-03 05:02

General question: Assuming your cable modem (or whatever your connection may be at home) is setup properly (or out of the box for that matter), for a home desktop user would you implement iptables on your system as an extra precaution or just use your Deb install as is?
Would like to hear some pros / cons and what the general consensus is as I could see it going either way.

Cheers
Chris
Yeah, 220, 221. Whatever it takes.
User avatar
cds60601
 
Posts: 52
Joined: 2017-11-25 05:58

Re: Iptables for desktop

Postby kkremitzki » 2018-05-03 06:39

It's probably overkill for most users--but good security has layers, like an onion. For example, your own computer may be well-kept and secure from the Internet but if you give out your wifi password to a friend with a hacked phone, or you expose something to the Internet that gets pwned, and your computer has no defenses on the LAN, you might have a bad time. But those are unlikely scenarios for most people.
kkremitzki
 
Posts: 2
Joined: 2018-05-03 06:23

Re: Iptables for desktop

Postby arzgi » 2018-05-03 06:55

cds60601 wrote:General question: Assuming your cable modem (or whatever your connection may be at home) is setup properly (or out of the box for that matter), for a home desktop user would you implement iptables on your system as an extra precaution or just use your Deb install as is?
Would like to hear some pros / cons and what the general consensus is as I could see it going either way.

Cheers
Chris


There are many programs that use iptables, but hide if from user. I've used shorewall, and at the moment arno-iptables-firewall, which does not after installing require any actions than reading logs.
arzgi
 
Posts: 109
Joined: 2008-02-21 17:03
Location: Finland

Re: Iptables for desktop

Postby None1975 » 2018-05-03 13:58

For desktop you can use The Uncomplicated Firewall (ufw). It is a frontend for iptables. Ufw provides a framework for managing netfilter, as well as a command-line interface for manipulating the firewall. In my opinion it is simpler solution, because configuring iptables manually is challenging for the uninitiated. And yes, it is a extra security layer.
User avatar
None1975
 
Posts: 429
Joined: 2015-11-29 18:23
Location: Lithuania, Vilnius

Re: Iptables for desktop

Postby debiman » 2018-05-04 03:25

i'm too stupid to use iptables, i use ufw on all my machines.
there's a little redundancy because my router also has a firewall (which works quite differently though), but that's fine.
User avatar
debiman
 
Posts: 2209
Joined: 2013-03-12 07:18

Re: Iptables for desktop

Postby cds60601 » 2018-05-04 20:57

Thanks to those that answered. I know there are several options that any user can use for firewalling (GUI, cli, 3rd part apps, etc) but you all got the general idea - that was whether or not some of us go the extra mile and have some form of firewalling on our Deb-stations or servers.

Like most of you, I to have it on my router but a little extra never hurts :)
Yeah, 220, 221. Whatever it takes.
User avatar
cds60601
 
Posts: 52
Joined: 2017-11-25 05:58


Return to System configuration

Who is online

Users browsing this forum: No registered users and 6 guests

fashionable